Why We Need to Pay More Attention to Cybersecurity in 2014

The state of cybersecurity in 2014 is tenuous at best. President Obama paid nominal attention to the matter in his State of the Union (SOTU) address January 28 giving it only one mention. “Here at home, we’ll keep strengthening our defenses, and combat new threats like cyberattacks,” he promised.

This is a sharp contrast from his 2013 SOTU speech when he declared,

WE KNOW HACKERS STEAL PEOPLE’S IDENTITIES AND INFILTRATE PRIVATE EMAIL. WE KNOW FOREIGN COUNTRIES AND COMPANIES SWIPE OUR CORPORATE SECRETS. NOW OUR ENEMIES ARE ALSO SEEKING THE ABILITY TO SABOTAGE OUR POWER GRID, OUR FINANCIAL INSTITUTIONS AND OUR AIR TRAFFIC CONTROL SYSTEMS. WE CANNOT LOOK BACK YEARS FROM NOW AND WONDER WHY WE DID NOTHING IN THE FACE OF REAL THREATS TO OUR SECURITY AND OUR ECONOMY.

At that time Obama issued an executive order designed to improve communication between government agencies and the private sector to better identify and thwart cyber attacks. It has never been more important for agencies to communicate and collaborate on security. Several attacks and threats have made the news recently, from compromised government information to stolen credit card information.

Critical infrastructure such as the power grid is at the top of the list when it comes to cyber security.

Coincidentally, the 2014 Cybersecurity Innovation Forum was held in Baltimore at the end of January 2014. Michael Daniel, White House Cybersecurity Coordinator, gave a keynote address at the forum outlining trends in cyber threats as well as the increase in occurrences. “Compromises are becoming inevitable,” he said. “Companies need to build them into their business plans.”

Preventing cyber threats can be expensive for businesses because they must spend large amounts of time and money safeguarding against an attack. The same is true of the country’s critical infrastructure, such as the electric grid, which is almost always under attack. In fact, most of us would be astonished to know exactly how many cyber security breach attempts are thwarted every day by the U.S. and the private sector (particularly banks). The United States fends off millions – yes millions – of attacks, every day. Considering we only hear about a handful of successful attacks, it seems that hackers have a pretty bad track record.

Grid operators are preparing for cyber attack scenarios too; in case the worst should happen. But, with proper preparation and maintenance of equipment and software, our electric grid will maintain a sturdy defense. Where we once needed bars and barbed wire to keep criminals from wreaking havoc, it seems we now need firewalls and computer programmers at the ready. My grandfather, who worked for a utility company on electric lines for most of his life, always used to tell me that it’s possible to take out the power grid with nothing more than a wrench if a criminal knows what he’s doing. That’s a scary thought. Now you need nothing more than a computer and an internet connection to attack the grid. A cyber criminal doesn’t even have to leave the house. The administration needs to stick to its promise to buckle down and keep the doors to our power grid – both physical and virtual – locked to criminals.